Open laurent22 opened 9 months ago
Hi, I'm Shubhom Srivastava, I liked the problem this project is trying to solve. But I'm thinking how are going to do the code review. Since, I'm still in college I don't know different code review tools used, in my current internship we usually sit in a meet with a senior and do the code review. what I'm thinking to do for this problem is building a CLI tool like Heroku which has similar commands to git, using this we can do get two things done
Currently working on the code review part, @laurent22 can you review this proposal ?
Currently, the Joplin application gets the list of plugins from our GitHub repository, and that repository is automatically built based on the third-party plugins that have been published to npm. We generally don't do any checks on these plugins except for those that are marked as "recommended", which are those developed by the team or long term contributors.
In order to make it safer for users to install plugins, it would be good to have a review process. Many plugins are relatively simple and we have perhaps 3 or 4 updates per week so it should be doable. The advantage is that we can guarantee that all reviewed plugins are safe to install, which would be interesting to users who no longer need to limit themselves to recommended plugins only.
To minimise changes to the existing process, we could integrate the review process in that way:
Once we have the .jpl the rest of our process will be identical.
Questions